Radiator Config Example 1
# Radiator Configuration Example for Organizations that have their own APs and
# that are connected to the Radius Mesh
# Last updated 10-29-2003
# By Bret Jordan
#
# Items in RED need to be configured for your setup at a minimum
#
# radius.cfg - server1.something.com
# ----------------------------------------
# General Server Options
# ----------------------------------------
#Foreground
BindAddress 10.0.0.1
AuthPort 1812
AcctPort 1813
User radius
Group radius
PidFile /var/run/radiator.pid
DbDir /usr/local/radiator/etc
DictionaryFile %D/dictionary
# ----------------------------------------
# Logging
# ----------------------------------------
#LogStdout
LogDir /var/log/radiator
<Log FILE>
Identifier Logger_System
Trace 3
Filename %L/radiator.log
</Log>
<AuthLog FILE>
Identifier Logger_Authentication
Filename %L/authentication.log
LogSuccess 1
LogFailure 1
SuccessFormat %l,%W,%U,%N,%h,OK
FailureFormat %l,%W,%U,%N,%h,FAIL
</AuthLog>
<StatsLog FILE>
Interval 604800
Filename %L/stats.log
#Format
</StatsLog>
# ----------------------------------------
# Access Points
# ----------------------------------------
<Client 10.0.0.131>
NoIgnoreDuplicates Access-Request
NoIgnoreDuplicates Access-Challenge
Secret xxxxxxxxxxxxxxxxxxxx
DupInterval 0
Identifier Wireless_AccessPoint
DefaultRealm something.com
IdenticalClients 10.0.0.131 10.0.0.132
IdenticalClients 10.0.0.133 10.0.0.134
</Client>
# ----------------------------------------
# Campus Radius Servers
# ----------------------------------------
<Client 10.10.10.2>
NoIgnoreDuplicates Access-Request
NoIgnoreDuplicates Access-Challenge
Secret xxxxxxxxxxxxxxxxxxxx
DupInterval 0
Identifier Radius_Mesh
IdenticalClients 10.10.10.2 10.10.10.3 10.10.10.4
</Client>
<Handler Realm=something.com,Client-Identifier=/Wireless_AccessPoint|Radius_Mesh/>
RejectHasReason
AcctLogFileName %L/something.com_accounting.log
AcctLogFileFormat %l, %{User-Name}, %{Acct-Session-Id}, %{Acct-Authentic}, \
%{Acct-Status-Type}, %{NAS-Identifier}, %{NAS-IP-Address}, \
%{NAS-Port}, %{NAS-Port-Type}, %{Timestamp}
#PasswordLogFileName %L/something.com_login.log
Log Logger_System
AuthLog Logger_Authentication
RewriteUsername s/^([^@]+).*/$1/
<AuthBy FILE>
Filename %D/something.com_users
EAPTLS_SessionResumption 0
EAPType TTLS TLS
EAPTLS_MaxFragmentSize 1024
EAPTLS_CAFile %D/cert/root.pem
EAPTLS_CertificateType PEM
EAPTLS_CertificateFile %D/cert/server-cert.pem
EAPTLS_PrivateKeyFile %D/cert/server-cert.pem
EAPTLS_PrivateKeyPassword xxxxxxxxxxxxxxxxxxxx
#EAPTLS_RandomFile %D/cert/random
AutoMPPEKeys
</AuthBy>
</Handler>
<Handler Realm=/.*/,Client-Identifier=Wireless_AccessPoint>
RejectHasReason
AcctLogFileName %L/default_accounting.log
AcctLogFileFormat %l, %{User-Name}, %{Acct-Session-Id}, %{Acct-Authentic}, \
%{Acct-Status-Type}, %{NAS-Identifier}, %{NAS-IP-Address}, \
%{NAS-Port}, %{NAS-Port-Type}, %{Timestamp}
#PasswordLogFileName %L/default_login.log
Log Logger_System
AuthLog Logger_Authentication
<AuthBy RADIUS>
AuthPort 1812
AcctPort 1813
OutPort 1814
EAPTLS_SessionResumption 0
FailureBackoffTime 60
Secret xxxxxxxxxxxxxxxxxxxx
RetryTimeout 5
Retries 3
#radius01.utah.edu
<Host 10.10.10.2>
</Host>
<Host 10.10.10.3>
</Host>
<Host 10.10.10.4>
</Host>
</AuthBy>
</Handler>
